<?php
    session_start();
/**
 * Created by PhpStorm.
 * User: Quyet
 * Date: 12/5/2014
 * Time: 10:30 AM
 */
include '../db/dbConnect.php';
include "function/helper.php";

    if($_SERVER['REQUEST_METHOD'] == 'POST'){
        if($_POST['uName'] && $_POST['uPass']){


            $uName=escape($_POST['uName']);
            $uPass=md5(escape($_POST['uPass']).$uName);

            $sql="SELECT * FROM u_user WHERE email = '".$uName."' AND password ='".$uPass."'";
            $result=mysql_query($sql);
            if(mysql_error()){
                echo ("Mysql ERROR: ".mysql_error());
				exit();
            }
            if(mysql_num_rows($result)){
                $row=mysql_fetch_array($result);
                $_SESSION['LoginData']=$row;
                echo "Xin chào ".$_SESSION['LoginData']['lstName']." ".$_SESSION['LoginData']["fstName"];
                $sql="update u_user set online=1 where iduser=".$_SESSION['LoginData']["iduser"];
                if(!mysql_query($sql))
                    echo mysql_error();
            }else{
				echo 1;
                die();
            }

        }
    }else{
        die();
    }